Home Page | Skip to Navigation | Skip to Content | Skip to Search | Skip to Footer

Internal Security

Check Point and LancopeLancope

To date, IT security organizations have focused on the network perimeter. However, many of today's attacks are introduced from inside the network. Laptops, PDAs, and other devices travel into and out of the network daily, making it possible for legitimate users to infect the network or unwittingly grant attackers access to the network via a Trojan horse or other spyware. Many worms have propagated inside the network after being introduced by an internal source. Once a single network device has been infected, the entire network can be compromised very quickly. Fast-spreading worms, often called "flash" or "blitz" worms, can spread worldwide in a matter of minutes.

With such costly threats becoming increasingly common, organizations have come to realize that they must provide better defenses against worms, unauthorized access threats, and other attacks within their internal network.

The combined solution between the Check Point InterSpect internal security gateway and the Lancope StealthWatch product enables customers to proactively monitor and protect their network from attacks originating inside the corporate LAN. InterSpect has the ability to segment the network into organizational security zones and quarantine infected zones until they have been cleaned-preventing the rest of the network from being infected. InterSpect also provides the deepest and most comprehensive protection for Microsoft protocols, such as MS RPC, CIFS, SQL, and DCOM, as well as other LAN protocols.

Benefits

  • Combines network anomaly detection with protection against LAN protocol vulnerabilities to provide the most comprehensively secured internal network.
  • Increases protection levels and ensures layered defenses are in place to maximize internal security.
  • Stop the spread of worms, viruses, trojans, and DoS attacks that other technologies miss
  • Assess policy compliance and the impact of planned or unanticipated network events
  • Identify and prioritize critical threats to resolve risks and events before they become crises

Lancope StealthWatch
The Lancope StealthWatch network security and monitoring solution reduces business interruption and loss through improved prevention and resolution of network security incidents. StealthWatch continuously measures vital signs of networks and hosts to deliver real-time insight into what is happening now versus what should be happening. StealthWatch combines an approach called Network Behavior Anomaly Detection (NBAD) with flexible, automated mitigation to preempt, detect, and contain zero-day exploits and other threats that bypass traditional security and network monitoring tools.

StealthWatch is a fast, accurate, and cost-effective solution that immediately detects malicious or unauthorized network activity, including new and otherwise unidentifiable threats. As a network-based system, StealthWatch overcomes the cost and complexity of deploying and maintaining signature- or host-based systems. With StealthWatch, organizations can now identify and resolve network exposures, such as new, misconfigured, or unauthorized devices and applications. These threats, which include rogue servers and P2P file sharing applications, result in 65 percent of network risks, according to an estimate by Gartner Group. When unpreventable network events or host infections occur, StealthWatch detects and contains the incident while delivering critical insight that accelerates resolution and minimizes damage.

Through its continuous network awareness, StealthWatch improves the efficiency and effectiveness of policy compliance, network planning, and forensic investigation. Easy-to-use querying and reporting of real-time and historical network intelligence at the network- and host-level streamlines the process of assessing policy compliance and lessens the impact of potential network changes or security incidents.

Check Point InterSpect
Check Point InterSpect is an internal security gateway that blocks the spread of worms and attacks inside the network and provides network zone segmentation. InterSpect is built specifically for internal network security and based on proven Check Point security technologies-INSPECT, Stateful Inspection, Application Intelligence, and SMART (Security Management Architecture).

Benefits

  • Intelligent Worm Defender blocks the spread of worms and attacks inside the network.
  • Network zone segmentation separates the internal network into organizational security zones.
  • Quarantine of suspicious computers isolates attacks and compromised devices.
  • LAN protocol protection provides the deepest and most comprehensive support for Microsoft and other LAN protocols.
  • Pre-emptive attack protection provides proactive defenses against vulnerabilities and attacks before they are exploited.
  • Endpoint security integration enforces endpoint security policies.
  • Integrated SMART Management is scalable, easy to use, and easy to manage.

ArrowMore on Lancope